How to authenticate Supertest requests with Passport?

node.js mocha.js passport.js supertest

I'm using Passport.js for authentication (local strategy) and testing with Mocha and Supertest.

How can I create a session and make authenticated requests with Supertest?


Solution 1:

As zeMirco points out, the underlying superagent module supports sessions, automatically maintaining cookies for you. However, it is possible to use the superagent.agent() functionality from supertest, through an undocumented feature.

Simply use require('supertest').agent('url') instead of require('supertest')('url'):

var request = require('supertest');
var server = request.agent('http://localhost:3000');

describe('GET /api/getDir', function(){
    it('login', loginUser());
    it('uri that requires user to be logged in', function(done){
    server
        .get('/api/getDir')                       
        .expect(200)
        .end(function(err, res){
            if (err) return done(err);
            console.log(res.body);
            done()
        });
    });
});


function loginUser() {
    return function(done) {
        server
            .post('/login')
            .send({ username: 'admin', password: 'admin' })
            .expect(302)
            .expect('Location', '/')
            .end(onResponse);

        function onResponse(err, res) {
           if (err) return done(err);
           return done();
        }
    };
};

Solution 2:

You should use superagent for that. It is lower level module and used by supertest. Take a look at the section Persisting an agent:

var request = require('superagent');
var user1 = request.agent();
user1
  .post('http://localhost:4000/signin')
  .send({ user: '[email protected]', password: 'password' })
  .end(function(err, res) {
    // user1 will manage its own cookies
    // res.redirects contains an Array of redirects
  });

Now you can use user1 to make authenticated requests.

Solution 3:

Try this,

  var request=require('supertest');
  var cookie;
  request(app)
  .post('/login')
  .send({ email: "[email protected]", password:'password' })
  .end(function(err,res){
    res.should.have.status(200);
    cookie = res.headers['set-cookie'];
    done();        
  });

  //
  // and use the cookie on the next request
  request(app)
  .get('/v1/your/path')
  .set('cookie', cookie)
  .end(function(err,res){  
    res.should.have.status(200);
    done();        
  });

Related

Adding a new project to an existing solution in TFS
c++ STL set difference
What Visual Studio files should be ignored by subversion to minimize conflicts?
Most efficient way to get next letter in the alphabet using PHP
How to rename a class and its corresponding file in Eclipse?
Formatting money in twig templates
How to access shared folder without giving username and password [closed]
Scala - What is the difference between size and length of a Seq?
Android Studio drawable folders
Xcode storyboard: Internal error. Please file a bug
Calling [self methodName] from inside a block?
Use css gradient over background image